PRIVACY POLICY

 

MAEPI 13 SL is committed to protecting the privacy of users who access this website and/or any of its services.

Use of the website and/or any of the services offered by MAEPI 13 SL implies the user’s acceptance of the provisions contained in this Privacy Policy, and the processing of their personal data as stipulated therein. Please bear in mind that while links from our website to other websites may be present, this Privacy Policy does not apply to the websites of other companies or organisations to which the website is redirected. MAEPI 13 SL does not control the content of third-party websites, nor accept any responsibility for the content or privacy policies of said websites. 

Information on data processing (Regulation (UE) 2016/679 and LO 3/2018)

Controller 

Identity: MAEPI 13 SL 

Tax No.: B55211106 

Address: Pare Roca 1, 1r 2ª 17800, Olot, Girona 

Email:  hello@scalff.com 

Registered in the Mercantile Registry of  Girona, Page GI-56837 Folio 1, Volume 2989 

 

Purpose of processing 

To offer and sell our natural bedding collection. 

 

Legitimation 

Consent obtained from the interested party. 

Execution of the service contract. 

 

Recipients

the data will not be communicated to third parties, unless required by law or necessary in order to comply with the purpose of the processing or delivering our products. 

 

Rights of individuals

Interested parties have the right to exercise their rights of access, rectification, limitation of processing, deletion, portability and opposition, by sending their request to our address. 

 

Data storage time limit 

As long as the business relationship lasts or for the amount of years necessary to comply with legal obligations. 

 

Claims

Interested parties may contact the AEPD to present any complaint they consider appropriate. 

 

Further information 

You can find detailed additional information below in the “Queries on privacy”. 

 

Queries on privacy

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (RGPD) and Organic Law 3/2018 of 5 December on the Protection of Personal Information and the guarantee of digital rights (LOPDGDD), we offer you the following information about the processing of your personal data: 

 

Who is the controller of your data? 

Identity: MAEPI 13 SL 

Tax No.: B55211106 

Address: Pare Roca 1, 1r 2ª 17800, Olot, Girona 

Email:  hello@scalff.com 

Registered in the Mercantile Registry of Girona, Page GI-56837 Folio 1, Volume 2989 

 

For what purpose are your personal data processed? 

  • We process the information you provide us to manage and deliver your purchase. 
  • If you get in touch with us using the contact form on our website, we will process your data to deal with your query. 
  • If you give us your consent, we may also process your data so that we can send you information about our activities, products, or services. 
  • If you subscribe, we may remember you the products waiting in to the shopping cart. 
 

How long are your data kept? 

The personal data you provide will be stored as long as you are a user of our services or wish to receive information, as you may object to your data being processed for promotional purposes at any time, and subsequently during the periods set to comply with our legal obligations which, in the case of accounting and tax documents for business purposes, will be 6 years, in accordance with Art. 30 of the Business Code and, for tax purposes, will be 4 years, in accordance with Articles 66 to 70 of the General Tax Law. 

 

What is the legitimacy for processing your data? 

The legitimacy for processing them resides in the execution of the service contract and in the consents that it provides us. 

As regards the collection of data in the visitors’ register and the capture of images by the video surveillance system, the legitimacy is provided by the legitimate interest of safeguarding the security of people and property. 

 

To whom are your data communicated? 

The data will not be communicated to third parties, unless required by law or necessary to comply with the purpose of the processing. 

If you permit us to send you information on our activities and services, we can tell you that email submissions will be made using the MailChimp service provided by The Rocket Science Group, LLC, located in the United States. The international transfer of data to The Rocket Science Group, LLC, is based on the Standard Contractual Clauses for Processors approved by the European Commission. Sending business information using this app enables us to track web beacons to find out how much attention our campaigns are receiving. You can find further information at mailchimp-tracking

 

What are your rights when you provide us your data? 

  • Anyone has the right to obtain confirmation on whether or not we are processing their personal data. 
  • Interested parties have the right to access their personal data, as well as to request that inaccurate data be rectified or, where appropriate, to request that they be deleted when, among other reasons, they are no longer necessary for the purposes for which they were collected. 
  • In certain circumstances, interested parties may request that the processing of their data be limited, in which case we will only keep them to exercise or defend claims. 
  • Also, in certain circumstances and for reasons related to their particular situation, interested parties may object to their data being processed. In this case, we will cease to process them, except when there are compelling legitimate reasons, or to exercise or defend possible claims.
  • Interested parties are also entitled to the portability of their data. 
  • Any interested party has the right not to be subject to a decision based solely on automated processing, including profiling, which can produce legal consequences that may affect them in a highly similar manner. 
  • Finally, interested parties have the right to file a complaint with the competent Control Authority.

 

How can I exercise my rights? 

By sending us a letter, enclosing a copy of an identity document, to our physical or electronic address. 

 

How did we obtain your data?

The personal data we process come from the interested party, who guarantees that the personal data provided are true and is responsible for notifying any changes. Data marked with an asterisk are necessary so that we can provide the requested service. 

 

What data do we process? 

The data categories we can process are: 

  • Identification data 
  • Postal or electronic addresses 

The data are limited, since we only process the data necessary to provide our services and manage our activity. 

 

Do we use cookies? 

We use cookies with the user’s consent while they are browsing our website. The user can set their browser to warn them of the use of cookies and to prevent their use. Please visit our cookie policy. 

 

What security measures do we apply? 

We apply the security measures set down in article 32 of the RGPD. We have therefore adopted the necessary security measures to guarantee a level of security appropriate to the risk of the data processing we conduct, using mechanisms that enable us to ensure the confidentiality, integrity, availability and permanent resilience of the processing systems and services. 

 

These measures include: 

  • Information on the personal data processing policies. 
  • Periodically making security copies. 
  • Controlling access to the data. 
  • Regular verification, assessment, and valuation processes